1. Field of the Invention
This invention pertains in general to computer security and in particular to the development of security data that protects against execution of malicious script operations by websites.
2. Description of the Related Art
There is a wide variety of malicious software (malware) that can attack modern computers. One type of malware threat includes malicious websites that exploit security vulnerabilities in browsers that load web pages from the websites. When a web page from a malicious website is loaded, a malicious script (e.g., JavaScript or VBScript) in the page manipulates a scriptable object on the page, such as a text box, form field, or table in a manner that is inconsistent with the object's intended operation. For example, the script can provide a form field object with a value that exceeds an expected range, such as a number or string that is too large. Similarly, the script can perform an inconsistent sequence of operations, such as attempting to delete rows of an empty table. Additionally, the malicious script may manipulate a browser add-on or extension object (e.g., an ActiveX control, plug-in, or extension) in a manner that is inconsistent with the object's intended operation.
Some of these manipulations allow a security vulnerability in the browser or browser add-on and extension object to be exploited. Thus, malicious actors can create web pages having malicious scripts that perform the manipulations in order to compromise computers of website visitors. Once the computers are compromised, the malicious actors can perform additional malicious actions, such as stealing data and executing malicious code on the compromised computers.
Accordingly, there is a need in the art for ways to detect scripts attempting to perform malicious actions.